| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.18 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.19 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.19 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.19 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.19 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.20 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.20 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.20 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.20 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows Server 2016 v4.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.20 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| Disable promiscuous mode on all network interfaces | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| DTAM054 - McAfee VirusScan On-Demand scan must be configured to find unknown program threats. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM104 - McAfee VirusScan On-Access Scanner All Processes settings must be configured to find unknown unwanted programs and trojans. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM105 - McAfee VirusScan On-Access Default Processes Policies must be configured to find unknown macro viruses. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM105 - McAfee VirusScan On-Access Scanner All Processes settings must be configured to find unknown macro viruses. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-005 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown program viruses. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-005 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown program viruses. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Enable only necessary and secure services, protocols, daemons - 'lwsmd' | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Ensure IP forwarding is disabled | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Configure Management VLAN' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Disable Telnet' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT |
| HP ProCurve - 'Enable ARP protection' | TNS HP ProCurve | HPProCurve | SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Enable SFTP' | TNS HP ProCurve | HPProCurve | SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Secure Management VLAN is enabled' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Snapshots are not present | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - AAA - RADIUS server is trusted | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - AV License - Not Licensed | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - Content Filtering On - LAN | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - Disable insecure services - HTTP | TNS SonicWALL v5.9 | SonicWALL | |
| SonicWALL - Flood Protection - Layer 2 - Threshold | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - Layer 2 - WAN machines | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - TCP - Enforce compliance | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - TCP - Max Seg Lifetime | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Log Alert Emails - Enabled | TNS SonicWALL v5.9 | SonicWALL | AUDIT AND ACCOUNTABILITY |
| SonicWALL - Login Banner - Wireless Zone | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| Use a static IP on the management network interface | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| XenServer - Enable only necessary and secure services, protocols, daemons - 'sshd' | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
| XenServer - Enable port locking by default on the VM guest network | TNS Citrix XenServer | Unix | |
| XenServer - Enable remote syslog | TNS Citrix XenServer | Unix | AUDIT AND ACCOUNTABILITY |
| XenServer - Ensure IP forwarding is disabled | TNS Citrix XenServer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| XenServer - Identify a network interface to be used for storage access | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
| XenServer - Install a trusted CA certificate on the pool | TNS Citrix XenServer | Unix | |
